Posts tagged Rapid7 Perspective

2 min Rapid7 Perspective

Standing Together: A Public Statement from Rapid7 CEO Corey Thomas

It has been shocking for many people in the United States and around the world to see the stark racial injustice and inequality that still exists in the US.

Read Full Post

3 min Rapid7 Perspective

How to Start a Career in Cybersecurity: From Stay-at-Home Mom to Security Pro-in-Training

My name is Carlota Bindner, and here is my story on how I went from being a stay-at-home mom and community volunteer to participating in Rapid7's Security Consultant Development Program.

Read Full Post

8 min Public Policy

The IoT Cybersecurity Improvement Act of 2019

In this blog post, we will walk through the newly introduced IoT Cybersecurity Improvement Act of 2019 and describe Rapid7's position on it.

Read Full Post

2 min Rapid7 Perspective

Helping Kids Hack the Future: Rapid7 Supports BoSTEM Program in Pi Day Fundraiser

Children are our future. That’s why we’re stepping up to support a matching fundraising effort for BoSTEM.

Read Full Post

3 min Rapid7 Perspective

Rapid7 Included in 2019 Bloomberg Gender-Equality Index for Commitment to Diversity

We are extremely proud to announce that Rapid7 has been included in the 2019 Bloomberg Gender-Equality Index (GEI), which recognizes organizations for being transparent in their commitment to gender equality. We are thrilled by this, as the GEI’s scoring method celebrates both our best-in-class elements, as well as our willingness to disclose our efforts toward creating a gender-neutral organization. It also helps us to understand our performance and identify opportunities to continue to learn a

Read Full Post

5 min Rapid7 Perspective

Actually, Grindr is Fine: FUD and Security Reporting

On Wednesday, March 28, NBC reported Grindr security flaws expose users' location data [https://www.nbcnews.com/feature/nbc-out/security-flaws-gay-dating-app-grindr-expose-users-location-data-n858446] , a story which ticks a couple hot-button topics for security professionals and security reporters alike. It’s centered around the salacious topic of online dating in the LGBT community, and hits a personal safety concern for people using the app everywhere, not to mention the possibility of outing

Read Full Post

3 min Threat Intel

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Welcome to Rapid7’s Q4 report, featuring our first annual threat report wrap-up! 2017 Quarterly Threat Report: Q4 and 2017 Wrap-Up Get the Full Report [https://www.rapid7.com/info/threat-report/2017-q4-threat-report] We could not have picked a better year to start doing this, as 2017 was one for the books. While we spent most of the year falling headfirst into a world where nation-state tools are available for anyone to use, the worm re-emerged (now evolved [/2017/06/27/petya-ransomware-explai

Read Full Post

2 min Public Policy

FCC Repeals Net Neutrality: What Now?

[Update 05/16/18: The US Senate passed a resolution [https://www.markey.senate.gov/imo/media/doc/CRA%20Net%20Neutrality%20.pdf], led by Sen. Ed Markey, to reject the FCC rule that repealed net neutrality. Rapid7 supports the resolution and other efforts to effectively reinstate net neutrality safeguards.] This week, Rapid7 hosted an event with Massachusetts’ Edward J. Markey and a number of Boston’s technology and business leaders to protest the likely repeal of net neutrality. Our CEO, Corey T

Read Full Post

4 min Rapid7 Perspective

Attention Humans: The ROBOT Attack

What’s the ROBOT Attack? On the afternoon of December 12, researchers Hanno Böck, Juraj Somorovskym and Craig Young published a paper, website, testing tool, and CTF at robotattack.org [https://robotattack.org] detailing a padding oracle attack that affects the way cryptography is handled on secure websites. ROBOT, which stands for Return Of Bleichenbacher's Oracle Threat, details a weakness in the RSA encryption standard known as PKCS#1v1.5 that can ultimately allow an attacker to learn a secur

Read Full Post

2 min Rapid7 Perspective

Standing with Massachusetts technology leaders in support of net neutrality

On Monday, Rapid7 will host Senator Edward J. Markey and a group of technology and business leaders from across Massachusetts as we stand in support of net neutrality. Together, we’ll affirm our commitment to a free and open internet that promotes growth and innovation and gives all users broad access to internet content. At the heart of net neutrality is the principle that internet service providers must treat all content transmitted across the internet equally. In practice, this means that IS

Read Full Post

5 min Rapid7 Perspective

NCSAM Security Crash Diet, Week 2: Social and Travel

Rapid7 guinea pig 'Olivia' describes her efforts during week two of her security 'crash diet for National Cyber Security Awareness Month. This week focused on social sharing and travel security.

Read Full Post

3 min Rapid7 Perspective

NCSAM: A Personal Security Crash Diet

We're kicking of National Cyber Security Awareness Month by getting a Rapid7 employee to test out the practicality of common security advice. Follow along throughout October.

Read Full Post

2 min Vulnerability Management

Apache Struts S2-052 (CVE-2017-9805): What You Need To Know

Apache Struts, Again? What’s Going On? Yesterday’s Apache Struts vulnerability announcement [https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/] describes an XML Deserialization issue in the popular Java framework for web applications. Deserialization of untrusted user input, also known as CWE-502 [https://cwe.mitre.org/data/definitions/502.html], is a somewhat well-known vulnerability pattern, and I would expect crimeware kits to

Read Full Post

7 min Rapid7 Perspective

2017 Cybersecurity Horoscopes

What does 2017 hold for cybersecurity? Our mystics have drawn cards, checked crystal balls, and cast runes to peer into the future. See what the signs have in store for you in the new year. Sage Corey Thomas, Rapid7 Gazing into the future of 2017, I believe we will continue to see market consolidation of security vendors. With a focus on increasing productivity, organizations will move further from disparate, point-solutions that solve just one problem to solutions that can be leveraged through

Read Full Post

4 min IoT

On the Recent DSL Modem Vulnerabilities

by Tod Beardsley [https://twitter.com/todb] and Bob Rudis [https://twitter.com/hrbrmstr] What's Going On? Early in November, a vulnerability was disclosed affecting Zyxel DSL modems, which are rebranded and distributed to many DSL broadband customers across Europe. Approximately 19 days later, this vulnerability was leveraged in widespread attacks across the Internet, apparently connected with a new round of Mirai botnet activity. If you are a DSL broadband customer, you can check to see if yo

Read Full Post

• 1
• 2
• 3